CVE-2007-5525
https://notcve.org/view.php?id=CVE-2007-5525
Unspecified vulnerability in the Oracle Single Sign-On component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.2, and 10.1.4.0.1; Collaboration Suite 10.1.2; and Enterprise Manager 10.1.2 has unknown impact and remote attack vectors, aka AS10. Vulnerabilidad no especificada en el componente Oracle Single Sign-On de Oracle Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.2, y 10.1.4.0.1; Collaboration Suite 10.1.2; y Enterprise Manager 10.1.2 tiene impacto desconocido y vectores de ataque remotos, también conocido como AS10. • http://marc.info/?l=bugtraq&m=119332677525918&w=2 http://secunia.com/advisories/27251 http://secunia.com/advisories/27409 http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html http://www.securitytracker.com/id?1018823 http://www.us-cert.gov/cas/techalerts/TA07-290A.html http://www.vupen.com/english/advisories/2007/3524 http://www.vupen.com/english/advisories/2007/3626 •
CVE-2007-5526
https://notcve.org/view.php?id=CVE-2007-5526
Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.0.2, 10.1.2.2, and 10.1.4.1, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS11. Vulnerabilidad no especificada en el componente Oracle Portal de Oracle Application Server 10.1.2.0.2, 10.1.2.2, y 10.1.4.1, y Collaboration Suite 10.1.2, tiene impacto desconocido y vectores de ataque remotos, también conocido como AS11. • http://marc.info/?l=bugtraq&m=119332677525918&w=2 http://secunia.com/advisories/27251 http://secunia.com/advisories/27409 http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html http://www.securitytracker.com/id?1018823 http://www.us-cert.gov/cas/techalerts/TA07-290A.html http://www.vupen.com/english/advisories/2007/3524 http://www.vupen.com/english/advisories/2007/3626 •
CVE-2007-3854
https://notcve.org/view.php?id=CVE-2007-3854
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5 allow remote authenticated users to have unknown impact via (1) SYS.DBMS_PRVTAQIS in the Advanced Queuing component (DB02) and (2) MDSYS.MD in the Spatial component (DB12). NOTE: Oracle has not disputed reliable researcher claims that DB02 is for SQL injection and DB12 is for a buffer overflow. Múltiples vulnerabilidades no especificadas en Oracle Database versiones 9.0.1.5+, 9.2.0.7 y 10.1.0.5, permiten a usuarios autenticados remotoss tener un impacto desconocido por medio de (1) SYS.DBMS_PRVTAQIS en el componente Advanced Queuing (DB02) y (2) MDSYS.MD en el componente Spatial (DB12). NOTA: Oracle no ha cuestionado las afirmaciones de investigadores confiables de que DB02 es para una inyección SQL y DB12 para un desbordamiento de búfer. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143 http://secunia.com/advisories/26114 http://secunia.com/advisories/26166 http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_prvtaqis.html http://w •
CVE-2007-2123
https://notcve.org/view.php?id=CVE-2007-2123
Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.3 up to 10.1.3.2.0, 10.1.2 up to 10.1.2.2.0, and 9.0.4.3 has unknown impact and attack vectors, aka AS04. Vulnerabilidad no especificada en el componente Portal en Oracle Application Server 10.1.3 hasta la 10.1.3.2.0, 10.1.2 hasta la 10.1.2.2.0, y 9.0.4.3 tiene un impacto desconocido y vectores de ataque, también conocido como AS04. • http://www.oracle.com/technetwork/topics/security/cpuapr2007-090632.html http://www.red-database-security.com/advisory/oracle_cpu_apr_2007.html http://www.securityfocus.com/archive/1/466329/100/200/threaded http://www.securityfocus.com/bid/23532 http://www.securitytracker.com/id?1017927 http://www.us-cert.gov/cas/techalerts/TA07-108A.html http://www.vupen.com/english/advisories/2007/1426 •